Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Staff Offensive Cyber Research Engineer

Twenty

Twenty is seeking an exceptionally skilled Offensive Cyber Research Engineer for an in‑office position in its Arlington, VA office to lead the development of sophisticated offensive cyber capabilities that defend democracies worldwide. We're looking for someone with 6-8 years of deep technical expertise in offensive cyber operations, software development, and research, combined with proven leadership experience mentoring engineers and driving strategic technical initiatives. In this role, you'll architect and lead the development of advanced attack path frameworks, establish engineering best practices for offensive tooling, mentor junior researchers, and serve as a technical authority on adversarial techniques and red team operations. You'll leverage your extensive operational background—ideally from government/military Digital Network Exploitation Analysis (DNEA), Exploitation Analyst (EA) operations, advanced penetration testing, or threat intelligence analysis—to shape the technical direction of our offensive cyber capabilities and build the next generation of cyber technologies for the United States and its allies. Technical Leadership & Architecture Lead the architecture and design of sophisticated attack path frameworks that emulate advanced persistent threat (APT) behaviors and nation‑state TTPs Establish technical standards and best practices for offensive cyber tool development across the organization Evaluate and recommend engineering courses of action for new offensive capabilities and system enhancements Drive technical decision‑making for complex offensive cyber integrations and performance optimizations Architect scalable, modular frameworks for attack technique automation and adversary emulation Research & Innovation Conduct advanced research into emerging adversary techniques, zero‑day exploitation strategies, and novel attack vectors Develop proof‑of‑concept tools and techniques that push the boundaries of offensive cyber capabilities Stay current with threat actor innovations and translate emerging TTPs into defensive and offensive capabilities Publish internal research findings and contribute to the broader cyber security research community Identify capability gaps and lead initiatives to develop new offensive tools and methodologies Team Leadership & Mentorship Mentor and provide technical guidance to offensive cyber engineers and researchers, conducting thorough code reviews and knowledge transfer Lead technical discussions and facilitate strategic planning sessions for offensive capability development Organize research efforts and coordinate cross‑functional collaboration with data engineering, backend, and intelligence analysis teams Establish and maintain engineering best practices, secure coding standards, and operational security procedures Guide junior engineers in understanding complex adversary behaviors and translating them into technical implementations Attack Path Development & Implementation Design and implement advanced attack paths that emulate sophisticated adversary campaigns across multiple domains Create reusable, production‑grade components for complex attack techniques including credential harvesting, lateral movement, and defense evasion Develop custom tooling and automation frameworks that operate at machine speed for large‑scale adversary emulation Data Engineering & Intelligence Integration Lead the design of ETL pipelines for processing threat intelligence, security logs, and operational data at scale Architect standardized schemas for cyber operations datasets that support graph‑based analysis and AI/ML workflows Implement advanced data enrichment pipelines that integrate diverse threat intelligence sources Design efficient storage and retrieval systems for large‑scale security‑relevant data Operational Collaboration Work closely with government customers and operational teams to understand mission requirements and capability gaps Translate operational feedback into technical requirements and development priorities Lead technical demonstrations showcasing offensive cyber capabilities to stakeholders Provide subject matter expertise for customer engagements and strategic planning sessions Qualifications Technical Skills & Experience 6-8 years of threat research, offensive cyber operations, and software development experience Expert‑level operational cyber security experience in one or more of the following domains: Digital Network Exploitation Analysis (DNEA) within U.S. Government military or intelligence organizations Exploitation Analyst (EA) operations conducting advanced network exploitation and intelligence analysis Advanced Penetration Testing/Red Teaming leading sophisticated offensive security assessments Senior‑level Threat Hunting and threat intelligence analysis in high‑stakes environments Demonstrated technical leadership experience mentoring offensive cyber engineers and leading research initiatives Deep expertise in the MITRE ATT&CK framework with proven track record developing and implementing advanced adversary TTPs across multiple tactics Expert‑level experience operating and extending industry‑standard threat emulation platforms (Cobalt Strike, Metasploit, custom C2 frameworks) with proven ability to develop sophisticated custom payloads, modules, and evasion techniques Extensive experience integrating and analyzing diverse threat intelligence sources including commercial feeds, OSINT, and government intelligence Advanced proficiency in implementing sophisticated persistence mechanisms, advanced defense evasion techniques, counter‑forensics, and anti‑analysis methods Expert containerization and orchestration experience using Docker and Kubernetes for secure, scalable offensive tool deployment Advanced programming and software architecture skills in Python and Golang, with demonstrated ability to build maintainable, production‑grade security tools and automation frameworks Expert‑level experience writing complex graph queries and developing graph‑based analytical tools using Neo4j or similar graph databases Comprehensive knowledge of cybersecurity across network security, application security, secure coding, cryptography, and security architecture Extensive practical experience in offensive cyber operations including advanced payload development, post‑exploitation frameworks, command and control infrastructure, and multi‑stage attack chains Expert knowledge of red team methodologies including campaign planning, operational security (OPSEC), adversary simulation, and realistic threat emulation based on intelligence‑driven scenarios Leadership & Communication Skills Proven ability to lead technical projects and mentor engineering teams Strong communication skills with ability to explain complex offensive techniques to diverse audiences including executives and government officials Experience conducting thorough code reviews and establishing development standards for security tools Track record of driving technical decision‑making and influencing strategic direction Education Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, or related field; Master's degree preferred, or equivalent practical experience Security Requirements Must be eligible to obtain a U.S. Government security clearance Distinguishing Qualifications Previous technical leadership experience in government cyber operations units or intelligence organizations conducting DNEA or EA operations Experience leading offensive cyber capability development programs or research initiatives Track record of developing novel offensive techniques or tools adopted by operational units Advanced certifications such as OSCP, OSCE, OSEE, GXPN, or government‑recognized advanced offensive security credentials Experience with AI/ML integration in offensive cyber operations and automated threat emulation Extensive background in malware analysis, reverse engineering, exploit development, or vulnerability research Experience with multi‑domain intelligence analysis correlating cyber, SIGINT, ELINT, and other intelligence sources Publications or conference presentations on offensive cyber research or techniques Contributions to open‑source offensive security tools or frameworks Additional Skills Experience with Agile development methodologies and leading agile teams Advanced system architecture and design experience for large‑scale security systems Performance optimization and scalability experience for high‑throughput data processing Experience with cloud security (AWS, Azure, GCP) and cloud‑native attack techniques Deep knowledge of wireless security, IoT protocols, and electromagnetic spectrum operations Expertise with forensics tools, incident response procedures, and defensive cyber operations Understanding of government acquisition processes and requirements development Benefits Health. Medical, dental, and vision plan options. Life / AD&D, disability coverage options. Family. Paid parental leave for eligible full‑time employees. 12 weeks for birthing parents, 4 for non‑birthing parents, 6 weeks for adoptive, foster, or intended parents through surrogacy. Vacation. Paid holidays and flexible PTO. Take what you need. Retirement. 401(k) with pre‑tax and Roth options. HSA/FSA options, dependent care FSA. At the office. Commuter benefits. On‑site garage parking. Bike storage. Building fitness center. Desk setup stipend. Benefits vary by location, role, and eligibility. Full plan details provided during the interview and offer process. Some positions may require eligibility to obtain a U.S. Government security clearance. Any clearance requirement will be listed in the role description. Twenty is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability, or any other protected status. If you need a reasonable accommodation during the hiring process, let us know and we will work with you. #J-18808-Ljbffr Twenty

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Staff Offensive Cyber Research Engineer in Arlington, VA vacancy
  • A progressive technology company is seeking an Offensive Security & Code Analysis Engineer. In this role, you will conduct penetration testing and security assessments to identify vulnerabilities in web applications and networks. The ideal candidate should possess 3+ years... 
    Suggested
    Remote job

    Districttechgroup

    Washington DC
    2 days ago
  • $92k - $195k

    MAXAR TECHNOLOGIES, INC. is seeking a Cyber Operations Capabilities Developer in Maryland to build advanced offensive cyber tooling. The role involves programming in C and Python, conducting reverse engineering, and developing capabilities. Candidates should have a Bachelor... 
    Suggested

    Maxar Technologies

    Washington DC
    3 days ago
  •  ...Senior Offensive Security Engineer - Pentester Denver, Colorado;Seattle, Washington; Jacksonville,...  ...opportunity to shine and grow. The Cyber Security Assurance Division is looking...  ...include leading and performing research, understanding the bank's security policy... 
    Suggested
    Work at office
    Remote work
    Shift work
    Day shift

    Bank of America

    Washington DC
    1 day ago
  • Offensive Security & Code Analysis Engineer Washington, DC Remote Full-Time About This Role As an Offensive Security & Code Analysis Engineer, you will...  ...Create proof-of-concept exploits and demonstrations • Research emerging attack techniques and develop new testing methodologies... 
    Suggested
    Full time
    Remote work

    Districttechgroup

    Washington DC
    2 days ago
  •  ...Apogee Global RMS is seeking a Senior Cybersecurity Engineer / Offensive Security Lead to support high‑visibility federal and IC programs....  ...adversaries, and partner with federal stakeholders to strengthen cyber resilience across complex infrastructures.   Key... 
    Suggested

    Apogee Global RMS

    Washington DC
    4 days ago
  • $111.5k - $207.5k

     ...Title: Senior Specialist, Security Software Research Engineer Job Code: 36915Job Location: RemoteJob...  ...component of L3Harris’ Intelligence and Cyber International Division. We are a trusted...  ...with managers and customer-facing staff members to field queries and questions about... 
    Full time
    Immediate start
    Flexible hours

    L3HHCM20

    Washington DC
    1 day ago
  •  ...platform and our Autonomous Exposure Validation (AEV) product. About The Role We're looking for a technically strong Sales Engineer with an offensive security background to join our US sales team. You will be the trusted technical voice in the sales cycle, helping... 
    Remote job

    BreachLock, Inc.

    Washington DC
    5 days ago
  •  ...MITRE Cyber Threat Intelligence Position Why choose between...  ...the state of the art through research and development, advance the...  ...our government sponsors use offensive security to improve cyber defense...  ...skills as an offensive security engineer and knowledge of adversary... 
    Internship
    Local area

    MITRE

    McLean, VA
    1 day ago
  • Motion Recruitment Partners LLC is seeking full-time Offensive Security Engineers to join their high-performing team in Washington, D.C. This role focuses on the intersection of cybersecurity, artificial intelligence, and national security, where engineers will build automated... 
    Full time
    Relocation package

    Motion Recruitment Partners LLC

    Washington DC
    1 day ago
  •  ...Washington D.C., Pentagon, Springfield, VA., Chantilly, VA., Tysons Corner, VA. Description: We are seeking a Junior Cyber Risk Data Engineer/Analyst . This role focuses on the data side of cyber risk management - capturing outputs from senior SMEs, tagging and... 
    Internship
    Shift work

    Technomics

    Arlington, VA
    4 days ago
  •  ...About Galois Who We Are:  From building digital engineering tools that make space exploration safer to verifying cryptographic libraries...  ...where failure is unacceptable. We are a community of researchers, engineers, and operations people dedicated to creating... 
    Local area
    Immediate start

    Galois

    Arlington, VA
    5 days ago
  • $124k - $140k

     ...Implements technical solutions to novel research problems. Collaborates with more senior research staff to transform research ideas into implemented solutions. Contributes to larger team efforts in implementing research prototypes. Contributes to documentation and publications... 
    Work experience placement
    Local area

    University of Southern California

    Arlington, VA
    4 days ago
  • $100k - $190k

     ...Job Type Full-time Description The Cato Institute seeks qualified candidates for the Senior Research Engineer, Applied AI position. AI tools are proliferating rapidly. Making them genuinely useful for policy research requires someone who bridges the gap... 
    Full time

    Cato Institute

    Washington DC
    4 days ago
  • $188k - $275k

     ...Information Security team is seeking an experienced and talented offensive security engineer to join our team. As part of the Information Security...  ...reviews for development teams within the business Research/stay abreast of new hacking techniques and find ways to counter... 
    Permanent employment
    Temporary work
    Casual work
    Work at office
    Remote work
    Flexible hours

    CoreWeave

    Washington DC
    more than 2 months ago
  • Integration Innovation, Inc. (i3) is seeking a Vulnerability Research Engineer in Washington, DC to support the Naval Research Laboratory’s Tactical Electronic Warfare Division. This role involves reverse engineering software, analyzing systems, and developing tools to... 

    Integration Innovation, Inc. (i3)

    Washington DC
    1 day ago
  • $115k - $181k

    Overview i3 is seeking a Vulnerability Research Engineer to support the Naval Research Laboratory’s Tactical Electronic Warfare Division. You will reverse engineer and analyze software and build purpose-driven tools that help teams test, characterize, and understand real... 

    Integration Innovation, Inc. (i3)

    Washington DC
    1 day ago
  • $124k - $140k

    The University of Southern California is seeking a skilled researcher for a position focused on implementing technical solutions for advanced research problems. The ideal candidate will hold a Master’s degree and possess at least 5 years of relevant experience, particularly... 

    University of Southern California

    Arlington, VA
    4 days ago
  • The University of Southern California seeks to support research by implementing technical solutions to novel problems. Close collaboration with senior research staff is essential to transform ideas into solutions. Candidates must have a Master's degree, less than a year... 

    University of Southern California

    Arlington, VA
    5 days ago
  • EmergencyMD is seeking a Senior Penetration Testing, Software Assurance and Vulnerability Assessment Engineer in Washington, DC. This role involves identifying system vulnerabilities and conducting penetration testing procedures across classified and unclassified environments... 

    EmergencyMD

    Washington DC
    2 days ago
  • $220k - $292k

     ...view of the world, providing needed context for our users. AI Engineers on Anduril’s Frontier AI team build edge-compatible, generative...  ...business lines across Anduril to help discover and scope new research problems REQUIRED QUALIFICATIONS BS in Computer Science, Machine... 
    Full time
    Work experience placement
    Immediate start

    Anduril Industries

    Washington DC
    2 days ago
  •  ...Web Developer Security Engineer The Web Developer Security Engineer protects mission-critical web applications, application programming...  ...spanning application security (such as CSSLP, GWEB, or CASE), offensive security (such as OSWE or OSCP), and foundational security (... 
    Worldwide

    Spry Methods

    Washington DC
    2 hours ago
  • $95k - $112k

     ...Cybersecurity Architecture and Engineering, Critical Infrastructure and...  ...the Diplomatic Security Cyber Mission (DSCM) program providing...  ...testing competence: Offensive Security Certified Professional...  ...(PNPT) GIAC Exploit Researcher and Advanced Penetration Tester... 
    Contract work
    Remote work

    SkyePoint Decisions

    Arlington, VA
    2 days ago
  •  ...applications and platforms through hands-on offensive testing. As an Assessments &...  ...leveraging threat intelligence, security research, and participation in relevant industry...  ...Java, Rust). Experience in reverse engineering thick-client and mobile applications to... 

    Chase

    Washington DC
    4 days ago
  •  ...Alexandria, Va Required Clearance: Top Secret Clearance Certifications: Holds or is working toward penetration testing and offensive security certifications appropriate for DoD environments, such as CEH, PenTest+, GPEN, OSCP, or equivalent DoD 8570/8140-approved... 
    Temporary work
    Flexible hours

    PingWind Inc

    Alexandria, VA
    20 hours ago
  •  ...project scoping and SOW creation Perform offensive engagements including red teaming and...  ..., mobile applications, social engineering, phishing, physical security, wireless networks...  ...assessments, social engineering, and other cyber-security consulting functions... 
    Work experience placement

    WATI

    Washington DC
    4 days ago
  •  ...identified vulnerabilities and demonstrate exploitability to engineering teams, security peers, and senior leadership. Collaborate with...  ...with the broader security team and mentor engineers on offensive techniques and how to think like an attacker. Basic Qualifications... 
    Full time
    Work at office
    Work from home
    Monday to Thursday

    CoStar Group

    Arlington, VA
    3 days ago
  • $86.8k - $198k

     ...Job Number: R0241887 Cyber Engineer The Opportunity Are you looking for an opportunity to apply your engineering background and cybersecurity experience to deploy solutions that protect and defend critical systems? As a cybersecurity engineer, you can become an integral... 
    Full time
    Contract work
    Part time
    Work at office
    Local area

    Phase2 Technology

    Arlington, VA
    1 day ago
  • Core4ce seeks a dynamic Junior Research Scientist to provide engineering, technical, and program management support to the Office of the Assistant Secretary...  ...’ll interact daily with senior DoD leadership, Joint Staff, FFRDCs, UARCs, industry partners, Combatant Commands,... 
    Temporary work
    Work at office
    Immediate start
    Flexible hours

    Core4ce

    Alexandria, VA
    2 days ago
  •  ...Job Description SAIC is looking for a Senior Cybersecurity Engineer to support our US Navy customer with implementing Comply-to-...  ...years' experience supporting an IT Enterprise environment in a cyber, system administration, engineering or management capacity.... 
    Local area
    Remote work

    Science Applications International Corporation

    Washington DC
    2 days ago
  • $140k - $190k

     ...Security Engineer As a Security Engineer at Method Security, you will be instrumental in expanding the capabilities of our product...  ...Key Responsibilities Build and extend defensive and offensive security-focused tools and workflows that enhance the effectiveness... 

    Method Security

    Washington DC
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Staff Offensive Cyber Research Engineer. Be the first to apply!